From c3f389dade719b7b34825d62404a88cc0d618631 Mon Sep 17 00:00:00 2001
From: Steven Valdez <svaldez@google.com>
Date: Thu, 13 Oct 2016 14:33:35 -0400
Subject: [PATCH] Enabling TLS 1.3 (DRAFT).

Change-Id: I2e4f0db3b8630f990911c8e104f60c048bb7450d
---

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 9cc0d9d..d4db949 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -189,7 +189,7 @@
    * TODO(davidben): Move this field into |s3|, have it store the normalized
    * protocol version, and implement this pre-negotiation quirk in |SSL_version|
    * at the API boundary rather than in internal state. */
-  ssl->version = TLS1_2_VERSION;
+  ssl->version = TLS1_3_VERSION;
   return 1;
 err:
   return 0;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index d8270f3..57343a4 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -965,10 +965,6 @@
                            uint16_t version) {
   if (version == 0) {
     *out = method->max_version;
-    /* TODO(svaldez): Enable TLS 1.3 by default once fully implemented. */
-    if (*out > TLS1_2_VERSION) {
-      *out = TLS1_2_VERSION;
-    }
     return 1;
   }
 
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 5eede01..d847030 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -2410,7 +2410,7 @@
   }
 
   if (ctx->min_version != SSL3_VERSION ||
-      ctx->max_version != TLS1_2_VERSION) {
+      ctx->max_version != TLS1_3_VERSION) {
     fprintf(stderr, "Default TLS versions were incorrect (%04x and %04x).\n",
             ctx->min_version, ctx->max_version);
     return false;
@@ -2574,8 +2574,7 @@
       !TestBadSSL_SESSIONEncoding(kBadSessionExtraField) ||
       !TestBadSSL_SESSIONEncoding(kBadSessionVersion) ||
       !TestBadSSL_SESSIONEncoding(kBadSessionTrailingData) ||
-      // TODO(svaldez): Update this when TLS 1.3 is enabled by default.
-      !TestDefaultVersion(SSL3_VERSION, TLS1_2_VERSION, &TLS_method) ||
+      !TestDefaultVersion(SSL3_VERSION, TLS1_3_VERSION, &TLS_method) ||
       !TestDefaultVersion(SSL3_VERSION, SSL3_VERSION, &SSLv3_method) ||
       !TestDefaultVersion(TLS1_VERSION, TLS1_VERSION, &TLSv1_method) ||
       !TestDefaultVersion(TLS1_1_VERSION, TLS1_1_VERSION, &TLSv1_1_method) ||